package cn.lijiajia3515.cairo.security.authentication;

import cn.lijiajia3515.cairo.domain.CairoAccount;
import lombok.EqualsAndHashCode;
import lombok.ToString;
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.util.Assert;

import java.util.Collection;

/**
 * cairo 身份验证 凭证 (spring)
 */
@EqualsAndHashCode(callSuper = true)
@ToString(callSuper = true)
public class CairoAuthenticationToken extends AbstractAuthenticationToken {

	/**
	 * 身份
	 */
	protected final CairoAccount principal;

	/**
	 * @param principal   身份
	 * @param authorities 权限
	 */
	public CairoAuthenticationToken(CairoAccount principal, Collection<? extends GrantedAuthority> authorities) {
		super(authorities);
		Assert.notNull(principal, "account 不能为空");
		this.principal = principal;
		setAuthenticated(true);
	}

	@Override
	public String getCredentials() {
		return null;
	}

	@Override
	public CairoAccount getPrincipal() {
		return principal;
	}

	@Override
	public String getName() {
		if (principal != null) return principal.getId();
		return super.getName();
	}

	/**
	 * 可以扩展此方法 达到动态扩展权限 目的
	 *
	 * @return 权限集合
	 */
	@Override
	public Collection<GrantedAuthority> getAuthorities() {
		return super.getAuthorities();
	}
}
